-
Notifications
You must be signed in to change notification settings - Fork 3.9k
/
Copy pathauthentication_test.go
123 lines (100 loc) · 3.55 KB
/
authentication_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
// Copyright 2021 The Cockroach Authors.
//
// Licensed as a CockroachDB Enterprise file under the Cockroach Community
// License (the "License"); you may not use this file except in compliance with
// the License. You may obtain a copy of the License at
//
// https://github.com/cockroachdb/cockroach/blob/master/licenses/CCL.txt
package sqlproxyccl
import (
"net"
"testing"
"github.com/cockroachdb/cockroach/pkg/util/leaktest"
"github.com/cockroachdb/errors"
"github.com/jackc/pgproto3/v2"
"github.com/stretchr/testify/require"
)
func TestAuthenticateOK(t *testing.T) {
defer leaktest.AfterTest(t)()
cli, srv := net.Pipe()
be := pgproto3.NewBackend(pgproto3.NewChunkReader(srv), srv)
fe := pgproto3.NewFrontend(pgproto3.NewChunkReader(cli), cli)
go func() {
err := be.Send(&pgproto3.ReadyForQuery{})
require.NoError(t, err)
beMsg, err := fe.Receive()
require.NoError(t, err)
require.Equal(t, beMsg, &pgproto3.ReadyForQuery{})
}()
require.NoError(t, authenticate(srv, cli))
}
func TestAuthenticateClearText(t *testing.T) {
defer leaktest.AfterTest(t)()
cli, srv := net.Pipe()
be := pgproto3.NewBackend(pgproto3.NewChunkReader(srv), srv)
fe := pgproto3.NewFrontend(pgproto3.NewChunkReader(cli), cli)
go func() {
err := be.Send(&pgproto3.AuthenticationCleartextPassword{})
require.NoError(t, err)
beMsg, err := fe.Receive()
require.NoError(t, err)
require.Equal(t, beMsg, &pgproto3.AuthenticationCleartextPassword{})
err = fe.Send(&pgproto3.PasswordMessage{Password: "password"})
require.NoError(t, err)
feMsg, err := be.Receive()
require.NoError(t, err)
require.Equal(t, feMsg, &pgproto3.PasswordMessage{Password: "password"})
err = be.Send(&pgproto3.AuthenticationOk{})
require.NoError(t, err)
beMsg, err = fe.Receive()
require.NoError(t, err)
require.Equal(t, beMsg, &pgproto3.AuthenticationOk{})
err = be.Send(&pgproto3.ParameterStatus{Name: "Server Version", Value: "1.3"})
require.NoError(t, err)
beMsg, err = fe.Receive()
require.NoError(t, err)
require.Equal(t, beMsg, &pgproto3.ParameterStatus{Name: "Server Version", Value: "1.3"})
err = be.Send(&pgproto3.ReadyForQuery{})
require.NoError(t, err)
beMsg, err = fe.Receive()
require.NoError(t, err)
require.Equal(t, beMsg, &pgproto3.ReadyForQuery{})
}()
require.NoError(t, authenticate(srv, cli))
}
func TestAuthenticateError(t *testing.T) {
defer leaktest.AfterTest(t)()
cli, srv := net.Pipe()
be := pgproto3.NewBackend(pgproto3.NewChunkReader(srv), srv)
fe := pgproto3.NewFrontend(pgproto3.NewChunkReader(cli), cli)
go func() {
err := be.Send(&pgproto3.ErrorResponse{Severity: "FATAL", Code: "foo"})
require.NoError(t, err)
beMsg, err := fe.Receive()
require.NoError(t, err)
require.Equal(t, beMsg, &pgproto3.ErrorResponse{Severity: "FATAL", Code: "foo"})
}()
err := authenticate(srv, cli)
require.Error(t, err)
codeErr := (*codeError)(nil)
require.True(t, errors.As(err, &codeErr))
require.Equal(t, codeAuthFailed, codeErr.code)
}
func TestAuthenticateUnexpectedMessage(t *testing.T) {
defer leaktest.AfterTest(t)()
cli, srv := net.Pipe()
be := pgproto3.NewBackend(pgproto3.NewChunkReader(srv), srv)
fe := pgproto3.NewFrontend(pgproto3.NewChunkReader(cli), cli)
go func() {
err := be.Send(&pgproto3.BindComplete{})
require.NoError(t, err)
beMsg, err := fe.Receive()
require.NoError(t, err)
require.Equal(t, beMsg, &pgproto3.BindComplete{})
}()
err := authenticate(srv, cli)
require.Error(t, err)
codeErr := (*codeError)(nil)
require.True(t, errors.As(err, &codeErr))
require.Equal(t, codeBackendDisconnected, codeErr.code)
}